Supply Chain Compromise

Case Study – Supply Chain2018-10-05T02:23:28+00:00


After several network breaches, an internal committee identified the enterprise supply chain as the biggest source of malicious network activity. The enterprise required multiple specialized subcontractors, and each subcontractor had (or did not have!) their own processes and procedures around IT security that were complicated by the extensive use of specialized equipment. For example, one subcontractor required Windows XP as a control system for large industrial milling equipment, another required special data processing and analytic software that was incompatible with some critical OS security patches, and a different contractor had multiple engineers who frequently travelled worldwide and exposed their devices to a wide range of hostile environments. The enterprise had previously tried to address this concern using compliance and robust security policies but found that even with a regularly scheduled review and compliance check of their security policies, windows of vulnerability existed with nearly every subcontractor. Once a vulnerability was exposed, it could be compromised extensively before the next security audit, and the enterprise was constantly battling attackers within its own networks. With deployment of the GoSilent Client to all subcontractor facilities, and in some cases to every single user within the subcontractor, the enterprise was able to seamlessly upgrade its entire network security footprint without compromising daily business operations. Centralized control and policy enforcement were now also possible, and no subcontractors were required to update their legacy equipment. Today, the customer has implemented GoSilent and restored the security of its supply chain. New threats have been halted and there is complete visibility into each individual subcontractor’s Internet data.